[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Safely collecting data to estimate the number of Tor users

To: or-dev@xxxxxxxxxxxxx
Subject: Re: Safely collecting data to estimate the number of Tor users
From: Robert Ransom <rransom.8774@xxxxxxxxx>
Date: Fri, 27 Aug 2010 01:24:09 -0700
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-dev-outgoing@xxxxxxxx
Delivered-to: or-dev@xxxxxxxx
Delivery-date: Fri, 27 Aug 2010 04:22:51 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:date:from:to:subject :message-id:in-reply-to:references:x-mailer:mime-version :content-type; bh=weg3NYAZ15PDEgUpoSV0PMfH1NREGQVp8yzh802jXus=; b=Iv6ci3d249xw+6jCVGgbVj2lPIdoPINfQcR3I6SZhZsxMZ2GkOAGKRdvqJU256UsAj CpmXpGFyHpCDd1eDV2Lue6pwiKCL/OMMw8GZlo+v51blp+xRduDqtLAQkexApifFC5c6 FvjxrfhZ8VXDvVZh+67sdrszekfhbbiCydF/g=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=date:from:to:subject:message-id:in-reply-to:references:x-mailer :mime-version:content-type; b=DDrdI8jS6lAJUqPb9nGArfQbrDq79UO+lM1kyWx2mLUxLjdlTEJlHTyedorVqbT1bX XyM4LQhloQgfbuX8ZgNhQ7szMy/Tj+dzxt3nFIod45ug3QF0/lNLFsAwR2wrStGpuwKY yMbOFsKoic3D058Bbq95q4ZA+MaeLtsI2YV+g=
In-reply-to: <1282892865.19586.27.camel@xxxxxxxxxxx>
References: <4C765082.9040904@xxxxxxx> <1282892865.19586.27.camel@xxxxxxxxxxx>
Reply-to: or-dev@xxxxxxxxxxxxx
Sender: owner-or-dev@xxxxxxxxxxxxx

On Fri, 27 Aug 2010 09:07:45 +0200
BjÃrn Scheuermann <scheuermann@xxxxxxxxxxxxxxxxxxxxx> wrote:

> FM sketches have (at least) three very intriguing properties for the
> application that you outline:
> 
> 1) Since many IP addresses map to the same bit, you cannot reverse the
> operation, i.e., at least to me it seems that it would be no problem at
> all to exchange the generated bit fields between operators (or between
> operators and you), even if the used hash function, keys, etc. are
> known.

FM sketches were not designed to destroy information about which
elements were hashed into it, and they cannot be relied on to destroy
sensitive information in this application.

If an adversary knows that only one IP address with a certain hash
value could possibly be using Tor, the adversary can use an operator's
FM sketch to determine whether or not that IP address accessed the
operator's directory mirror in the FM sketch's time period.  The
tin-foil-hat crowd and their parodists will also point out that the
adversary may design the hash function to single out certain users.
(Are you enjoying that CIA time-share, Dr. Loesing?)

Robert Ransom

Attachment: signature.asc
Description: PGP signature

Follow-Ups:
- Re: Safely collecting data to estimate the number of Tor users
  - From: Björn Scheuermann

References:
- Safely collecting data to estimate the number of Tor users
  - From: Karsten Loesing
- Re: Safely collecting data to estimate the number of Tor users
  - From: Björn Scheuermann

Prev by Author: Re: Proposal: Separate streams across circuits by destination port or destination host
Next by Author: Re: Safely collecting data to estimate the number of Tor users
Previous by thread: Re: Safely collecting data to estimate the number of Tor users
Next by thread: Re: Safely collecting data to estimate the number of Tor users
Index(es):
- Author
- Thread